With the growing popularity in cryptocurrency investments, class actions related to crypto assets have soared.  These lawsuits raise a host of novel legal questions, including how established personal jurisdiction principles apply to crypto companies.  A Colorado federal court recently provided guidance on this question, dismissing a lawsuit involving crypto wallet Atomic Wallet for lack of personal jurisdiction.  See Meany v. Atomic Protocol Sys. OU, 2024 WL 4135762 (D. Colo. Sept. 10, 2024).

The plaintiffs in this case used Atomic Wallet, and they claimed that their crypto assets were among the more than $100 million in cryptocurrency that North Korean hackers allegedly stole in 2023 from Atomic Wallet users.  The plaintiffs filed a complaint against Atomic Wallet, the operator of the wallet, and Evercode Infinite, the software company that developed the platform.  The complaint asserted a mix of claims, including negligence, gross negligence, fraudulent misrepresentation, fraudulent concealment, and civil conspiracy.  According to the plaintiffs, the defendants knew of security vulnerabilities in Atomic Wallet and failed to remedy them, and these security vulnerabilities allegedly allowed the hackers to access and steal the plaintiffs’ crypto assets. 

The court dismissed the claims against the crypto wallet defendants for lack of personal jurisdiction without leave to amend.  The plaintiffs conceded there was no general jurisdiction over the crypto wallet defendants, which were based in Estonia and the United Arab Emirates.  Only specific jurisdiction was at issue.  The question before the court was whether the plaintiffs had carried their burden to establish that the crypto wallet companies’ contacts with the forum established “purposeful availment.”

In dismissing the crypto wallet companies for lack of personal jurisdiction, the court confirmed that established personal jurisdiction principles apply equally to crypto companies.  The court applied these principles to reject each of the plaintiffs’ theories for establishing purposeful availment.

  • Marketing to Forum Residents: The plaintiffs failed to establish purposeful availment based on Atomic Wallet’s alleged marketing of its platform “in Colorado to Colorado residents.”  The only advertisements the plaintiffs pointed to were advertisements for Atomic Wallet posted on Twitter (now known as X), but the mere allegation that the posts “were viewable in Colorado” did not establish that Atomic Wallet “directed its internet advertising activity to Colorado,” or that the advertisements were made “to Colorado citizens, in particular.”

  • Cash Back Tokens, Security Updates, Mnemonic Keys, and Applications Made Available to Forum Residents:  The plaintiff also failed to establish purposeful availment based on the theory that Atomic Wallet “purposefully directs activities into” Colorado.  In support of this theory, the plaintiffs alleged that Atomic Wallet “made security updates, mnemonic keys, desktop and mobile applications available to Colorado users and sent cash back tokens to Colorado users.”  The court rejected this theory because only one plaintiff was a Colorado resident and software applications like crypto wallets “can reach users without [a company] knowing where those users are located.”

  • Communications with Forum Residents: The court rejected as irrelevant that Atomic Wallet allegedly “communicated with users” that it knew were “located in Colorado,” because it is well established that “a defendant’s knowledge of a plaintiff’s connection to a forum state” is insufficient to establish purposeful availment. 

  • Affiliated Software Developer:  Even if there were purposeful availment as to Atomic Wallet, the plaintiff failed to establish that requirement as to Evercode, the software company that developed the crypto wallet.  “[F]or a defendant’s contacts with a forum state to constitute purposeful availment, the contacts must be the defendant’s own choice,” and “plaintiffs do not allege that Evercode caused Atomic Wallet to make its software, mnemonic keys, and security updates available to Colorado residents.”  Under established Supreme Court precedent, “it is not enough to show that Evercode is affiliated with another defendant over which the Court has personal jurisdiction.” 

This decision confirms that long-established jurisdictional principles still apply to companies that provide digital or online services and products.  Crypto companies, as well as tech companies more broadly, should consider the Meany court’s guidance regarding personal jurisdiction when confronted with putative class actions going forward.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Matthew Verdin Matthew Verdin

Matthew Verdin focuses on defending clients in the technology and financial services sectors. He has a strong record of delivering wins on behalf of clients in class actions and complex litigation, particularly in privacy and consumer protection lawsuits. Matthew is particularly successful in…

Matthew Verdin focuses on defending clients in the technology and financial services sectors. He has a strong record of delivering wins on behalf of clients in class actions and complex litigation, particularly in privacy and consumer protection lawsuits. Matthew is particularly successful in securing dismissals at the pleadings stage. For example, he won dismissal at the pleadings stage of over a dozen wiretapping class actions involving the alleged use of website analytics tools to collect data about users’ website visits. He also advises companies on managing litigation risk under federal and state wiretapping laws.

Matthew is also dedicated to pro bono legal services. Recently, he helped a domestic violence survivor win a case in the California Court of Appeal. Matthew’s oral argument led to the court ordering renewal of his client’s restraining order just one day later.

Photo of Devon Schulz Devon Schulz

Devon Schulz is an associate in Covington’s San Francisco office and a member of the firm’s Litigation and Investigations Practice Group. Devon also advises clients on privacy and cybersecurity issues, including compliance obligations. She earned her J.D. from the UCLA School of Law…

Devon Schulz is an associate in Covington’s San Francisco office and a member of the firm’s Litigation and Investigations Practice Group. Devon also advises clients on privacy and cybersecurity issues, including compliance obligations. She earned her J.D. from the UCLA School of Law, where she served as a Managing Editor for the UCLA Journal of Law and Technology.

Devon maintains an active pro bono practice focusing on civil rights and criminal justice.